Spring announced a remote code execution vulnerability in Spring Core, aka Spring4Shell. Details and actions here.
Cybersecurity News
Chrome update fixes “severe” vulnerability
Do you use Chrome as your desktop web browser? If so, please check which version of Chrome you have installed on your computer. If your version of Chrome is not up to date, you could be vulnerable to hackers.
Beware of Ukraine-themed phishing scams
Although there are no current credible Russian cybersecurity threats to U.S. universities, UW’s cybersecurity team is prepared to prevent cyberattacks. Do your part by identifying and reporting phishing scams related to Ukraine.
Last Chance For Early Registration: EDUCAUSE Cybersecurity Conference
In Baltimore: May 3-5. Attend for just-in-time content to help higher education cybersecurity and privacy professionals address current challenges. Price increases after Mar 22!
Join The Cybersecurity Forward Planning Committee
The Cybersecurity Forward Planning Committee is looking for new members! Interested in joining? Let us know by Feb 4.
Action Needed: Log4J Vulnerability
The UW–Madison Cybersecurity Operations Center has confirmed numerous attempts on the campus network. In order to secure your systems, you need to act now.
Are your smart home devices secure?
Smart TVs, cameras, speakers, watches, toys, phones, tablets and other internet-connected devices add convenience to our lives, but their security isn’t guaranteed. Get tips to protect your personal info.
8/16 Phishing Alert! Subject: “Benefits”
There’s an active phishing campaign targeting UW–Madison email addresses. The attacker offers to provide financial assistance to qualifying employees. Sure signs it’s bogus: misspellings and a link to a non-UW URL.
6/28 Phishing Alert: Subject – “IRS Announces New Programs That Forgives Millions”
There’s an active phishing campaign targeting UW–Madison email addresses. The attacker offers info on a tax-forgiveness program. A sure sign it’s bogus: grammatical error in the subject line.
6/28 Phishing Alert: Subject – “Wisconsin” or “support team”
There’s an active phishing campaign targeting UW–Madison email addresses. The attacker impersonates a UW–Madison sender and offers significant financial relief.